8584865dc95dd0a37b39a0fdaee2a065_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8584865dc95dd0a37b39a0fdaee2a065_JaffaCakes118
Size

152KB
MD5

8584865dc95dd0a37b39a0fdaee2a065
SHA1

ecfbdcea84abdd3e7e4282b356174524e5b90384
SHA256

7f15d89a099d9751c58c97dc05ab53b4e13eb559d1029547196c87e46343dd7a
SHA512

032a862f55336f4d7932a3115220d733e65b0946c36b11d7349ccbeb2711b7137e7a013129cdc08af81977de1442c5f0a68ba61426dada22f057ed8a3a5c6c22
SSDEEP

3072:WxDgR3sjBUwFEwQqu5Onkr7rTY0DzuhAGfQ6sEY3uO/T:Wl63OEwW55s0+hAGT5gus

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8584865dc95dd0a37b39a0fdaee2a065_JaffaCakes118

Files

8584865dc95dd0a37b39a0fdaee2a065_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6940211c482b4c08d1f88fb3b2abfeb6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteConsoleInputVDMA
GetShortPathNameW
GetProcessHandleCount
SearchPathW
EnumResourceNamesA
FreeEnvironmentStringsW
MoveFileW
GetFullPathNameW
CompareFileTime
SetFileTime

shell32

CommandLineToArgvW
SHGetFolderPathW
SHFileOperationW
ShellExecuteW
ShellExecuteExW

user32

CreateCursor
IsWindow
SetWindowTextW
LoadIconW
ReleaseDC
IsDlgButtonChecked
GetWindowModuleFileNameW
PostQuitMessage
GetDlgCtrlID
DestroyWindow
SetWindowLongW
GetDC
GetFocus
PostMessageW
MsgWaitForMultipleObjects

ole32

CoCreateInstance
CreateStreamOnHGlobal
CoUninitialize
CoInitializeEx
CoTaskMemAlloc
CoTaskMemFree
CoInitialize

comctl32

PropertySheetW

shlwapi

PathCombineW
PathAppendW
SHGetValueW
PathRemoveFileSpecW
PathFileExistsW

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ